Package: release.debian.org Severity: normal Tags: buster User: release.debian.org@packages.debian.org Usertags: pu This brings the fix for a use after free crash to buster. Since there were no other changes between buster and bullseye, I elected to just add a "backport to buster" changelog. -- bye, pabs https://wiki.debian.org/PaulWise
diff -u libapache-mod-auth-kerb-5.4/debian/changelog libapache-mod-auth-kerb-5.4/debian/changelog --- libapache-mod-auth-kerb-5.4/debian/changelog +++ libapache-mod-auth-kerb-5.4/debian/changelog @@ -1,3 +1,16 @@ +libapache-mod-auth-kerb (5.4-2.4~deb10u1) buster; urgency=medium + + * Rebuild for buster + + -- Paul Wise <pabs@debian.org> Sun, 27 Oct 2019 13:58:04 +0800 + +libapache-mod-auth-kerb (5.4-2.4) unstable; urgency=medium + + * Non-maintainer upload. + * Apply patch from upstream issue tracker to fix crash (Closes: #934043) + + -- Paul Wise <pabs@debian.org> Mon, 21 Oct 2019 11:15:20 +0800 + libapache-mod-auth-kerb (5.4-2.3) unstable; urgency=medium * Don't apply the delegation patch, it can break gssapi auth. (Closes: diff -u libapache-mod-auth-kerb-5.4/debian/patches/series libapache-mod-auth-kerb-5.4/debian/patches/series --- libapache-mod-auth-kerb-5.4/debian/patches/series +++ libapache-mod-auth-kerb-5.4/debian/patches/series @@ -10,0 +11 @@ +mod_auth_kerb-krb5_kt_close.patch only in patch2: unchanged: --- libapache-mod-auth-kerb-5.4.orig/debian/patches/mod_auth_kerb-krb5_kt_close.patch +++ libapache-mod-auth-kerb-5.4/debian/patches/mod_auth_kerb-krb5_kt_close.patch @@ -0,0 +1,20 @@ +Description: fix use after free in authenticate_user_krb5pwd() +Origin: https://sourceforge.net/p/modauthkerb/bugs/61/attachment/mod_auth_kerb-krb5_kt_close.patch +Bug: https://sourceforge.net/p/modauthkerb/bugs/61/ +Bug-Debian: https://bugs.debian.org/934043 +Author: Johan Ymerson (https://sourceforge.net/u/ymerson/) +diff -ruN mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c mod_auth_kerb-5.4/src/mod_auth_kerb.c +--- mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c 2018-12-12 16:59:43.762013269 +0100 ++++ mod_auth_kerb-5.4/src/mod_auth_kerb.c 2018-12-12 16:59:59.151945123 +0100 +@@ -799,11 +799,9 @@ + "failed to verify krb5 credentials: %s", + krb5_get_err_text(context, ret)); + krb5_kt_end_seq_get(context, keytab, &cursor); +- krb5_kt_close(context, keytab); + goto end; + } + krb5_kt_end_seq_get(context, keytab, &cursor); +- krb5_kt_close(context, keytab); + } + else { + if ((ret = verify_krb5_init_creds(r, context, &creds, server, keytab))) {
Attachment:
signature.asc
Description: This is a digitally signed message part